One of the promises of Web 2.0 widgets is that it can take data from various inputs and output them into various formats, and views. Some of the more interesting technology like prediction models, state models, and data aggregation promise to change how information security data is presented to security engineers. There are issues though that need to be addressed, one is data reduction, in that there is so much data generated from systems like domain controllers, routers set to information or firewalls set to information that automation has to be able to make decisions as to how best to data reduce the stream of information. A chaining inference engine would help solve the data reduction problem combined with a presentation layer as a widget embedded in a web page or applet. The other major issue is going to be controlling the data stream from IDS systems. IDS systems still need a lot of work in how they manage data. And if anyone has ever turned on a NetBIOS rule on a windows network knows exactly how overwhelmed the IDS system can become. Ensuring that the rule set is properly configured and then properly pushed out to all agents will help in controlling the background noise from IDS and other systems that look for violations on the network based on rules or anomaly. Data quality is the final issue, data has to be of sufficient quality to make the human decision process either. This is where data reduction, a chaining inference engine as well as running it through a predictive model will help. The data though has to be good quality data and not a major processing overhead or throw up information that is not related to other elements in the data set. Once of the things that I have seen commonly in some of the Security Enterprise Management tools is that a number of unrelated events will be correlated together, like a faulting service account followed by a chat session using a completely different account of computer network. In tying together fragmented systems, using Ajax and other web 2.0 technologies to build out a partial intelligence behind the system would be beneficial for tier 1 and tier 2 security service support. As well as enough knowledge built into the system to handle changes in the IDS or other support system rules. As in the scenario of "the junior security engineer that enables NetBIOS rules in Snort across the enterprise". There is a lot of promise in how web 2.0 technologies can go a long way to having better data presented to the security engineer. It will be interesting to see if Ajax, Atlas, or other technologies can be brought to the data presentation layer for security engineers, and if the chaining inference engine can be helpful in working out the logic of quality, control, reduction, and relationship.